﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

namespace Root.Models.BLL
{
    public class AntiXSS
    {
        public static string ValidateInput(string input, string replacement, params string[] wordsToBeReplaced)
        {
            input = input.Replace("&#", ";&#");
            input = HttpUtility.HtmlDecode(input);
            input = HttpUtility.UrlDecode(input);
            foreach (string word in wordsToBeReplaced)
            {
                input = input.Replace(word, replacement);
            }
            return input;
        }
    }
}